Skip to content

Releases: hashicorp/cap

v0.7.0

01 Aug 21:01
b85f9a7
Compare
Choose a tag to compare

What's Changed

  • Add ability to the SAML test provider to create signed SAML responses by @hcjulz in #135
  • Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in #136
  • feat (config): add support for a http.RoundTripper by @jimlambrt in #137
  • chore: update deps by @jimlambrt in #138

Full Changelog: v0.6.0...v0.7.0

v0.6.0

28 Mar 15:33
1b8eac3
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.5.0...v0.6.0

v0.5.0

06 Feb 19:10
ed8f245
Compare
Choose a tag to compare

Improvements

  • JWT
    • Adds ability to specify more than one KeySet used for token validation (#128)

v0.4.1

21 Dec 15:24
20669ce
Compare
Choose a tag to compare

Bug Fixes

  • SAML: Truncate issue instant to microseconds to support Microsoft Entra ID enterprise applications #126

v0.4.0

22 Sep 16:18
f7be17e
Compare
Choose a tag to compare

New and Improved:

  • Support for SAML authentication (#99).

v0.3.4

27 Jul 12:47
bdf7984
Compare
Choose a tag to compare

Bug fixes

  • OIDC/examples/cli
    • Use free port if OIDC_PORT is not set for the example (PR)

v0.3.3

25 Jul 09:25
4e72a79
Compare
Choose a tag to compare

Bug fixes:

  • LDAP
    • A more compete fix for escapeValue(...) and we've stopped exporting it (PR)

v0.3.2

14 Jul 19:17
f28ec04
Compare
Choose a tag to compare

Bug fixes:

  • Address a set of LDAP issues (PR):
    • Properly escape user filters when using UPN domains
    • Increase max tls to 1.3
    • Improve EscapeValue(...)
    • Use text template for rendering filters

v0.3.1

06 Jun 23:33
13edb82
Compare
Choose a tag to compare

Bug Fixes

  • Fixes integer overflow in auth_time claim validation when compiled for 32-bit
    architecture (PR)

v0.3.0

20 Apr 16:07
6d1e00a
Compare
Choose a tag to compare

OIDC

  • Add ProviderConfig which creates a provider that doesn't support OIDC discovery. It's probably better to use NewProvider(...) with discovery whenever possible (PR and issue).
  • Improve WSL detection (PR)
  • Add option to allow all of IAT, NBF, and EXP to be missing (PR)
  • Validate sub and aud are present in an id_token (PR)

LDAP

  • Add better (more consistent) timeouts (PR)
  • Add better error msgs on failed search queries (PR)
  • Add new config fields for including/excluding user attrs (PR)
  • Add WithUserAttributes(...) option to the ldap package that allows callers to request that attributes be returned for the authenticating user (PR)